Could involve 800,000 workers
WASHINGTON (Reuters) — The U.S. Postal Service was the victim of a cyber attack that may have compromised the personal information of more than 800,000 employees as well as data on customers who contacted its call center from January through mid-August.
The employee information possibly accessed includes names, dates of birth, Social Security numbers, addresses, beginning and end dates of employment and emergency contact information, the Postal Service said in a statement on Monday.
"The intrusion is limited in scope and all operations of the Postal Service are functioning normally," USPS spokesman David Partenheimer said.
He said the service began telling employees about the breach Monday morning and said it would pay for employees to get credit monitoring services for one year.
Spokeswoman Sue Brennan said more than 800,000 of the service's employees could have been affected.
The intrusion also may have compromised data from people who contacted the Postal Service Customer Care Center by telephone or email from January until Aug. 16. That includes names addresses, phone numbers and email addresses.
The breach did not affect credit card data from retail or online services including Click-N-Ship, the Postal Store, PostalOne! or change of address services, it said.
The FBI is leading the investigation. Spokesman Joshua Campbell said Monday he could not provide further details.
The breach follows a cyber attack reported in August at a firm that performs background checks for U.S. government employees, US Investigations Services (USIS), which compromised data of at least 25,000 workers.
Cyber attacks on retail outlets, such as Home Depot and Target, have been much larger in comparison, affecting tens of millions of customers.
U.S. Representative Elijah Cummings sent a letter to Postmaster General Patrick Donahoe on Monday requesting more information on the Postal Service attack.
"The increased frequency and sophistication of cyber-attacks upon both public and private entities highlights the need for greater collaboration to improve data security," wrote Cummings, the ranking Democrat on the House of Representatives Oversight and Government Reform Committee.
He asked for a description of the attack, including when and how it was discovered, as well as information about the suspected attacks and why the breach went undetected for as long as it did.